Commit Graph

472 Commits

Author SHA1 Message Date
Brad Fitzpatrick 8ca796d144 ipn, ipn/policy: filter portlist to a short list of "interesting" ports
Adds new package ipn/policy to be shared between node client & control server.

Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2020-04-01 10:03:44 -07:00
Brad Fitzpatrick c6aa5b639f tailcfg: clarify Hostinfo.OS doc 2020-04-01 09:27:35 -07:00
Brad Fitzpatrick 4524dcf51e version: move runtime.OS to tailscale OS mapping func to version
So other code can use this without duplicating the policy.
2020-04-01 08:50:56 -07:00
David Anderson c14bc028ac cmd/microproxy: tiny TLS proxy that borrows autocert x509 certs. 2020-03-31 12:24:33 -07:00
Brad Fitzpatrick 1df3c8d02a derp, netcheck: make tests listen on localhost only
avoid macOS firewall pop-ups
2020-03-30 11:29:08 -07:00
Brad Fitzpatrick 5362e952e1 safesocket: gofmt
Was developed on a random machine without my normal environment.
2020-03-30 11:23:18 -07:00
Brad Fitzpatrick fee2d9fad4 safesocket: connect to the macOS network extension on darwin (as last resort)
(For cmd/tailscale CLI support on macOS)

Signed-off-by: Brad Fitzpatrick <brad@danga.com>
2020-03-29 22:15:28 -07:00
David Crawshaw 0590ad68be controlclient, ipn: adjust tests for authURL semantic changes
The tests cheat at filling out web forms by directly POSTing to
the target. The target for authURLs has changed slightly, the base
authURL now redirects the user to the login page.

Additionally, the authURL cycle now checks the cookie is set
correctly, so we add cookie jars where necessary to pass the
cookie through.
2020-03-30 15:51:46 +11:00
Brad Fitzpatrick a4ef345737 cmd/tailscale: add status subcommand
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2020-03-27 20:34:36 -07:00
Brad Fitzpatrick 810c1e9704 types/key: make Public implement TextMarshaler, TextUnmarshaler
So it can be a map key with encoding/json
2020-03-27 13:03:35 -07:00
Brad Fitzpatrick f51f18b42b ipn: move FakeBackend to a test-only file 2020-03-27 13:02:33 -07:00
Brad Fitzpatrick 8ebee05fbd cmd/tailscale: remove unnecessary logpolicy/logtail logging 2020-03-27 08:27:36 -07:00
David Anderson 80261b02ba testy: make safe for concurrent use.
Signed-off-by: David Anderson <dave@natulte.net>
2020-03-27 03:05:34 -07:00
David Anderson 1fdadf06f1 testy: don't give Clock.Step==0 magical behavior.
Turns out it's sometimes useful to stop time entirely.

Signed-off-by: David Anderson <dave@natulte.net>
2020-03-27 00:38:39 -07:00
Brad Fitzpatrick 8b3f6be008 control/controlclient: flip IPv6 to be on by default
The DEBUG_INCLUDE_IPV6 environment variable is now an opt-out.

Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2020-03-26 22:02:56 -07:00
Brad Fitzpatrick 322499473e cmd/tailscaled, wgengine, ipn: add /debug/ipn handler with world state
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2020-03-26 14:26:24 -07:00
David Anderson dbca186a64 stunner: fix data race.
In very low-latency conditions, a STUN request can complete before
the startup loop has finished firing off goroutines, leading to
a concurrent map mutation.
2020-03-25 23:11:22 -07:00
Brad Fitzpatrick 7fb8d873ac logpolicy: don't log timestamp when running under systemd
It'll do it anyway.

Makes journalctl -fu cleaner.

Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2020-03-25 21:03:06 -07:00
Brad Fitzpatrick 2d48f92a82 wgengine/magicsock: re-stun every [20,27] sec, not 28
28 is cutting it close, and we think jitter will help some spikes
we're seeing.

Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2020-03-25 14:25:33 -07:00
Brad Fitzpatrick 2c7ddd0828 go.mod, go.sum: tidy 2020-03-25 14:05:33 -07:00
Brad Fitzpatrick 577f321c38 wgengine/magicsock: revise derp fallback logic
Revision to earlier 6284454ae5

Don't be sticky if we have no peers.

Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2020-03-25 13:09:18 -07:00
David Anderson cbd8aceb95 go.mod: bump wireguard-go version.
Fixes #219.

Signed-off-by: David Anderson <dave@natulte.net>
2020-03-25 12:20:46 -07:00
Brad Fitzpatrick 2e420ad8b6 wgengine, wgengine/filter: minor doc, style, performance, locking changes
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2020-03-25 08:41:01 -07:00
Brad Fitzpatrick 6284454ae5 wgengine/magicsock: if UDP blocked, pick DERP where most peers are
Updates #207

Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2020-03-25 08:00:44 -07:00
Avery Pennarun f53e78e0d5 wgengine: don't lose filter state on filter reconfig.
We were abandoning the UDP port LRU every time we got a new packet
filter from tailcontrol, which caused return packets to suddenly stop
arriving.
2020-03-25 04:52:41 -04:00
Avery Pennarun 4336de0d98 ipn/local: don't print packet filter every single time.
It's extremely noisy right now for domains with complex ACLs.
2020-03-25 04:52:41 -04:00
Avery Pennarun a56e853b72 cmd/relaynode: delete it!
tailscale+tailscaled now completely obsoletes relaynode, so let's let
it finally go away.
2020-03-25 04:48:15 -04:00
David Anderson 73fccd8b06 control/controlclient: remove old compat PacketFilter initialization.
Signed-off-by: David Anderson <dave@natulte.net>
2020-03-24 16:00:41 -07:00
Brad Fitzpatrick d321190578 wgengine/magicsock: stringify [IPv6]:port normally in AddrSet.String 2020-03-24 13:40:43 -07:00
Brad Fitzpatrick 3c3ea8bc8a wgengine/magicsock: finish IPv6 transport support
DEBUG_INCLUDE_IPV6=1 is still required, but works now.

Updates #18 (fixes it, once env var gate is removed)
2020-03-24 10:56:22 -07:00
Brad Fitzpatrick 82ed7e527e wgengine/magicsock: remove log allocation
This was the whole point but I goofed at the last line.
2020-03-24 08:14:47 -07:00
Brad Fitzpatrick 8454bbbda5 wgengine/magicsock: more logging improvements
* remove endpoint discovery noise when results unchanged
* consistently spell derp nodes as "derp-N"
* replace "127.3.3.40:" with "derp-" in CreateEndpoint log output
* stop early DERP setup before SetPrivateKey is called;
  it just generates log nosie
* fix stringification of peer ShortStrings (it had an old %x on it,
  rendering it garbage)
* describe why derp routes are changing, with one of:
  shared home, their home, our home, alt
2020-03-24 08:12:55 -07:00
Brad Fitzpatrick 64aff0db7b control/controlclient: add TODO to delete the UAPI method 2020-03-24 07:25:14 -07:00
Brad Fitzpatrick 7740cbd8d9 ipn: call SetNetInfoCallback later, in Start
It was being called back into ultimately from magicsock before there
was a control client.

Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2020-03-23 22:19:40 -07:00
Brad Fitzpatrick 680311b3df wgengine/magicsock: fix few remaining logs without package prefix 2020-03-23 22:11:49 -07:00
Brad Fitzpatrick c473927558 wgengine/magicsock: clean up, add, improve DERP logs 2020-03-23 21:57:58 -07:00
Brad Fitzpatrick e749377a56 derp/derphttp: remove a redundant log message 2020-03-23 21:23:36 -07:00
Brad Fitzpatrick 1d3f45f9be derp/derphttp: ignore PeerGoneMessage in test 2020-03-23 14:13:49 -07:00
Brad Fitzpatrick ea9310403d wgengine/magicsock: re-STUN on DERP connection death
Fixes #201
2020-03-23 13:19:33 -07:00
Brad Fitzpatrick 1ab5b31c4b derp, magicsock: send new "peer gone" frames when previous sender disconnects
Updates #150 (not yet enabled by default in magicsock)

Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2020-03-22 21:00:47 -07:00
David Crawshaw e60b433831 tailcfg: NetInfo.String: handle nil object without panicing
Signed-off-by: David Crawshaw <crawshaw@tailscale.com>
2020-03-23 13:34:33 +11:00
Brad Fitzpatrick b6f77cc48d wgengine/magicsock: return early, outdent in derpWriteChanOfAddr 2020-03-22 14:08:59 -07:00
Brad Fitzpatrick 8c4cef60f8 derp: wait for send goroutine to finish before returning from run
I saw a test flake due to the sender goroutine logging (ultimately to
t.Logf) after the server was closed.

This makes sure the all goroutines are cleaned up before Server.Close
returns.
2020-03-22 13:10:07 -07:00
Brad Fitzpatrick 521ad7b0fc derp: only flush writes to clients when we're out of things to write
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2020-03-22 08:01:25 -07:00
Brad Fitzpatrick 0a25abcdaa derp: remove TODO comment
It was done in bf704a5218
2020-03-22 07:54:50 -07:00
Brad Fitzpatrick 8519a1b29f derp: revert rename of pkt to sendMsg
New plan, sorry.

Most reverts 77921a31b1, except some doc changes.
2020-03-21 22:17:22 -07:00
Brad Fitzpatrick c34b350efa derp: remove the mutex around and closing of send channel
Makes it less complicated.

Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2020-03-21 22:00:04 -07:00
Brad Fitzpatrick 77921a31b1 derp: rename pkt to sendMsg, in prep for other types of writes
Updates #150
2020-03-21 20:34:49 -07:00
Brad Fitzpatrick 1453aecb44 derp: add sclient.done channel, simplify some context passing
This is mostly prep for a few future CLs, making sure we always have a
close-on-dead done channel available to select on when doing other
channel operations.
2020-03-21 18:28:34 -07:00
David Anderson ea90780066 derp: specify type of the by-reason drop varz.
Signed-off-by: David Anderson <dave@natulte.net>
2020-03-20 15:53:04 -07:00